def deploy_policy()

in lambda-issuer-acmpca/main.py [0:0]

• 44 lines of code
• 1 McCabe index (conditional complexity)

def deploy_policy( certificate_arn, region, account ):
    policy_name = os.environ["SKUNAME"]
    iot = boto3.client('iot')
    create_policy = False
    
    policy_document = '''{{
  "Version": "2012-10-17",
  "Statement": [
    {{
      "Effect": "Allow",
      "Action": [
        "iot:Publish",
        "iot:Receive"
      ],
      "Resource": [
        "arn:aws:iot:{0}:{1}:topic/sdk/test/java",
        "arn:aws:iot:{0}:{1}:topic/sdk/test/Python",
        "arn:aws:iot:{0}:{1}:topic/topic_1",
        "arn:aws:iot:{0}:{1}:topic/topic_2"
      ]
    }},
    {{
      "Effect": "Allow",
      "Action": [
        "iot:Subscribe"
      ],
      "Resource": [
        "arn:aws:iot:{0}:{1}:topicfilter/sdk/test/java",
        "arn:aws:iot:{0}:{1}:topicfilter/sdk/test/Python",
        "arn:aws:iot:{0}:{1}:topicfilter/topic_1",
        "arn:aws:iot:{0}:{1}:topicfilter/topic_2"
      ]
    }},
    {{
      "Effect": "Allow",
      "Action": [
        "iot:Connect"
      ],
      "Resource": [
        "arn:aws:iot:{0}:{1}:client/sdk-java",
        "arn:aws:iot:{0}:{1}:client/basicPubSub",
        "arn:aws:iot:{0}:{1}:client/sdk-nodejs-*"
      ]
    }}
  ]